What are the common types of computer viruses? What to watch out for and what they do.


The Boot Sector Virus

From a user perspective, boot sector viruses are some of the most dangerous. Because they infect the master boot record, they are notoriously difficult to remove, often requiring a full system format. This is especially true if the virus has encrypted the boot sector or excessively damaged the code.

They typically spread via removable media. They reached a peak in the 1990s when floppy disks were the norm, but you can still find them on USB drives and in email attachments. Luckily, improvements in BIOS architecture have reduced their prevalence in the last few years.

A Direct Action Virus

A direct action virus is one of the two main types of file infector viruses (the other being a resident virus). The virus is considered “non-resident”; it doesn’t install itself or remain hidden in your computer’s memory.

It works by attaching itself to a particular type of file (typically EXE or COM files). When someone executes the file, it springs into life, looking for other similar files in the directory for it to spread to.

On a positive note, the virus does not typically delete files or hinder your system’s performance. Aside from some files becoming inaccessible, it has a minimal impact on a user and can be easily removed with an anti-virus program.

A Resident Virus

Resident viruses are the other primary type of file infectors. Unlike direct action viruses, they install themselves on a computer. This allows them to work even when the original source of the infection has been eradicated. As such, experts consider them to be more dangerous than their direct action cousin.

Depending on the programming of the virus, they can be tricky to spot and even trickier to remove. You can split resident viruses into two groups: fast infectors and slow infectors. Fast infectors cause as much damage as quickly as possible and are thus easier to spot; slow infectors are harder to recognize because their symptoms develop slowly.

In a worst-case scenario, they can even attach themselves to your anti-virus software, infecting every file the software scans. You often need a unique tool—such as an operating system patch—for their total removal. An anti-malware app will not be enough to protect you.

The Multipart Virus

While some viruses are happy to spread via one method or deliver a single payload, multipart viruses want it all. A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files.

They can simultaneously infect both the boot sector and executable files, allowing them to act quickly and spread rapidly. The two-pronged attack makes them tough to remove. Even if you clean a machine’s program files, if the virus remains in the boot sector, it will immediately reproduce once you turn on the computer again.

A Polymorphic Virus

Polymorphic viruses are among the most difficult for an anti-virus program to detect and remove. Anti-virus firms need to “spend days or months creating the detection routines needed to catch a single polymorphic”.

But why are they so hard to protect against? The clue is in the name. Anti-virus software can only blacklist one variant of a virus—but a polymorphic virus changes its signature (binary pattern) every time it replicates. To an anti-virus program, it looks like an entirely different piece of software, and can, therefore, elude the blacklist.
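Why an exact-pattern blacklist misses re-encoded copies, as an added example that is not from the original article: the same harmless constructed marker is encoded under three different keys, a static pattern scan misses every encoded copy, and a scan that first undoes the encoding finds all of them. Single-byte XOR is an assumed toy stand-in for the decryption or emulation step a real scanning engine needs; all names are hypothetical.

```python
import hashlib

# Constructed, harmless stand-in for a byte pattern on a blacklist.
SIGNATURE = b"HARMLESS-TEST-MARKER"
BODY = b"header" + SIGNATURE + b"trailer"


def xor_bytes(data: bytes, key: int) -> bytes:
    """Encode or decode data with a single-byte XOR key."""
    return bytes(b ^ key for b in data)


# Three copies of the same body; each one has a different byte pattern.
VARIANTS = [xor_bytes(BODY, key) for key in (0x21, 0x5C, 0xA7)]


def static_scan(sample: bytes) -> bool:
    """Blacklist-style check: look for the exact byte pattern."""
    return SIGNATURE in sample


def decoding_scan(sample: bytes):
    """Undo each possible single-byte XOR, then look for the pattern.

    Returns the key that reveals the pattern, or None if no key does.
    """
    for key in range(256):
        if SIGNATURE in xor_bytes(sample, key):
            return key
    return None


def distinct_hashes(samples) -> int:
    """Count how many different SHA-256 values the samples produce."""
    return len({hashlib.sha256(s).hexdigest() for s in samples})


if __name__ == "__main__":
    print("distinct hashes:", distinct_hashes([BODY] + VARIANTS))
    print("static scan hits:", [static_scan(v) for v in VARIANTS])
    print("decoding scan keys:", [decoding_scan(v) for v in VARIANTS])
```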

An Overwrite Virus

To an end-user, an overwrite virus is one of the most frustrating, even if it’s not particularly dangerous for your system as a whole.

That’s because it will delete the contents of any file which it infects; the only way to remove the virus is to delete the file, and consequently, lose its contents. It can infect both standalone files and entire pieces of software.

Overwrite viruses typically have low visibility and are spread via email, making them hard to identify for an average PC user. They enjoyed a heyday in the early 2000s with Windows 2000 and Windows NT, but you can still find them in the wild.

The Space-Filler Virus

Also known as “Cavity Viruses”, Space-Filler viruses are more intelligent than most of their counterparts. A typical modus operandi for a virus is to simply attach itself to a file, but Space-Fillers try to get into the empty space which can sometimes be found within the file itself.

This method allows them to infect a program without damaging the code or increasing its size, thus enabling them to bypass the need for the stealthy anti-detection techniques other viruses rely on.

Luckily, this type of virus is relatively rare, though the growth of Windows Portable Executable files is giving them a new lease of life.
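An integrity baseline for executable files, as an added example that is not from the original article. It relates to both the file infectors described earlier, which attach themselves to EXE or COM files, and the space-filler viruses above, which leave the file size unchanged: recording a hash as well as the size catches a modification that a size check alone would miss. The directory contents are constructed and the function names are hypothetical.

```python
import hashlib
import os
import tempfile


def snapshot(directory: str, extensions=(".exe", ".com")) -> dict:
    """Record size and SHA-256 for every executable-type file in a directory."""
    state = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path) and name.lower().endswith(extensions):
            with open(path, "rb") as fh:
                data = fh.read()
            state[name] = (len(data), hashlib.sha256(data).hexdigest())
    return state


def compare(baseline: dict, current: dict) -> dict:
    """Classify each file that differs from the baseline."""
    report = {}
    for name, (size, digest) in current.items():
        if name not in baseline:
            report[name] = "new file"
        elif baseline[name][1] != digest:
            same_size = baseline[name][0] == size
            report[name] = ("content changed, size unchanged" if same_size
                            else "content and size changed")
    for name in baseline.keys() - current.keys():
        report[name] = "missing"
    return report


def demo() -> dict:
    """Constructed files: b.exe grows, c.exe has padding rewritten in place."""
    with tempfile.TemporaryDirectory() as d:
        original = b"MZ" + b"code" * 8 + bytes(32)  # ends in zero padding
        for name in ("a.exe", "b.exe", "c.exe"):
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(original)
        baseline = snapshot(d)
        with open(os.path.join(d, "b.exe"), "ab") as fh:
            fh.write(b"appended")                   # size grows
        with open(os.path.join(d, "c.exe"), "r+b") as fh:
            fh.seek(len(original) - 32)
            fh.write(b"\x01" * 16)                  # same size, new bytes
        return compare(baseline, snapshot(d))
```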

Virus and malware prevention is better than trying for removal later.

As always, taking sensible steps to protect yourself is preferable to dealing with the potentially crippling fallout if you’re unlucky enough to get infected. For starters, you need to use a highly-regarded antivirus suite. Here at Canton Computers we recommend Webroot Antivirus at $49.95 for 1 year and 3 systems and also Malwarebytes’s Anti-Malware at $39.95 for 1 year and 3 systems. Also, don’t open emails from unrecognized sources, don’t trust free USB sticks from conferences and expos, don’t let strangers use your system, and don’t install software from random websites! If you have gotten infected, come on in to either of our locations, mention this post, and get a virus clean up for $89.00.